socket-nginx代理

./configure  --prefix=/usr/local/nginx --with-stream

1	./configure --prefix=/usr/local/nginx --with-stream

user  nginx;
worker_processes  auto;

error_log  /var/log/nginx/error.log notice;
pid        /var/run/nginx.pid;


events {
    worker_connections  1024;
}

#http请求模块
http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    keepalive_timeout  65;

    #gzip  on;

    include /etc/nginx/conf.d/*.conf;
}

#添加stream socket模块
stream {

	log_format proxy '$remote_addr - [$time_local] '
					'$protocol $status $bytes_sent $bytes_received '
					'$session_time "$upstream_addr" '
					'"$upstream_bytes_sent" "$upstream_bytes_received"                 
					"$upstream_connect_time" '
					'$remote_addr $remote_port $server_addr $server_port';
 
    # 后端指向redis哨兵服务的端口 stream_backend 组
    #upstream stream_backend {
    #     server redis-sentinel-1:26379;
    #     server redis-sentinel-2:26380;
    #	 server redis-sentinel-3:26381;
    #}
    upstream stream_backend {
         server 192.168.66.180:26379;
         server 192.168.66.180:26380;
	 server 192.168.66.180:26381;
    }

	server {
        #本机监听端口26378
        listen	26378;
        proxy_pass	stream_backend; #请求抛给 stream_backend 组
        access_log logs/seninel.access.log proxy;
    }

	include ./conf.d/*.tcpstream;
}

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

44

45

46

47

48

49

50

51

52

53

54

55

56

57

58

59

60

61

62

63

user nginx;

worker_processes auto;

error_log /var/log/nginx/error.log notice;

pid /var/run/nginx.pid;

events {

worker_connections 1024;

}

#http请求模块

http {

include /etc/nginx/mime.types;

default_type application/octet-stream;

log_format main '$remote_addr - $remote_user [$time_local] "$request" '

'$status $body_bytes_sent "$http_referer" '

'"$http_user_agent" "$http_x_forwarded_for"';

access_log /var/log/nginx/access.log main;

sendfile on;

#tcp_nopush on;

keepalive_timeout 65;

#gzip on;

include /etc/nginx/conf.d/*.conf;

}

#添加stream socket模块

stream {

log_format proxy '$remote_addr - [$time_local] '

'$protocol $status $bytes_sent $bytes_received '

'$session_time "$upstream_addr" '

'"$upstream_bytes_sent" "$upstream_bytes_received"

"$upstream_connect_time" '

'$remote_addr $remote_port $server_addr $server_port';

# 后端指向redis哨兵服务的端口 stream_backend 组

#upstream stream_backend {

# server redis-sentinel-1:26379;

# server redis-sentinel-2:26380;

# server redis-sentinel-3:26381;

#}

upstream stream_backend {

server 192.168.66.180:26379;

server 192.168.66.180:26380;

server 192.168.66.180:26381;

}

server {

#本机监听端口26378

listen 26378;

proxy_pass stream_backend; #请求抛给 stream_backend 组

access_log logs/seninel.access.log proxy;

}

include ./conf.d/*.tcpstream;

}

#这里注意下如果上面配置文件负载使用的是docker服务名称，这里启动注意要和服务在同一个网络，如果是ip则不用设置network

docker run -d -p 80:80 -p 26378:26378 --name nginx -v /wwwroot:/var/www -v /etc/nginx/nginx.conf:/etc/nginx/nginx.conf -v /etc/nginx/logs/:/etc/nginx/logs --network=redis_default --restart=always nginx


docker run -d -p 80:80 -p 26378:26378 --name nginx -v /wwwroot:/var/www -v /etc/nginx/nginx.conf:/etc/nginx/nginx.conf -v /etc/nginx/logs/:/etc/nginx/logs --restart=always nginx

1

2

3

4

5

6

#这里注意下如果上面配置文件负载使用的是docker服务名称，这里启动注意要和服务在同一个网络，如果是ip则不用设置network

docker run -d -p 80:80 -p 26378:26378 --name nginx -v /wwwroot:/var/www -v /etc/nginx/nginx.conf:/etc/nginx/nginx.conf -v /etc/nginx/logs/:/etc/nginx/logs --network=redis_default --restart=always nginx

docker run -d -p 80:80 -p 26378:26378 --name nginx -v /wwwroot:/var/www -v /etc/nginx/nginx.conf:/etc/nginx/nginx.conf -v /etc/nginx/logs/:/etc/nginx/logs --restart=always nginx

curl --no-buffer -H 'Connection: keep-alive, Upgrade' -H 'Upgrade: websocket' -v -H 'Sec-WebSocket-Version: 13' -H 'Sec-WebSocket-Key: websocket' http://192.168.66.180:26378 ws | od -t c


curl --include \
     --no-buffer \
     --header "Connection: Upgrade" \
     --header "Upgrade: websocket" \
     --header "Host: 192.168.66.180:26378" \
     --header "Origin: http://192.168.66.180:26378" \
     --header "Sec-WebSocket-Key: SGVsbG8sIHdvcmxkIQ==" \
     --header "Sec-WebSocket-Version: 13" \
     http://192.168.66.180:26378/

1

2

3

4

5

6

7

8

9

10

11

12

13

curl --no-buffer -H 'Connection: keep-alive, Upgrade' -H 'Upgrade: websocket' -v -H 'Sec-WebSocket-Version: 13' -H 'Sec-WebSocket-Key: websocket' http://192.168.66.180:26378 ws | od -t c

curl --include \

--no-buffer \

--header "Connection: Upgrade" \

--header "Upgrade: websocket" \

--header "Host: 192.168.66.180:26378" \

--header "Origin: http://192.168.66.180:26378" \

--header "Sec-WebSocket-Key: SGVsbG8sIHdvcmxkIQ==" \

--header "Sec-WebSocket-Version: 13" \

http://192.168.66.180:26378/

stream {
    upstream stream_backend {
        least_conn;
        server backend1.example.com:12345 weight=5;
        server backend2.example.com:12345 max_fails=2 fail_timeout=30s;
        server backend3.example.com:12345 max_conns=3;
    }
    
    upstream dns_servers {
        least_conn;
        server 192.168.136.130:53;
        server 192.168.136.131:53;
        server 192.168.136.132:53;
    }
    
    server {
        listen        12345;
        proxy_pass    stream_backend;
        proxy_timeout 3s;
        proxy_connect_timeout 1s;
    }
    
    server {
        listen     53 udp;
        proxy_pass dns_servers;
    }
    
    server {
        listen     12346;
        proxy_pass backend4.example.com:12346;
    }
}

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

stream {

upstream stream_backend {

least_conn;

server backend1.example.com:12345 weight=5;

server backend2.example.com:12345 max_fails=2 fail_timeout=30s;

server backend3.example.com:12345 max_conns=3;

}

upstream dns_servers {

least_conn;

server 192.168.136.130:53;

server 192.168.136.131:53;

server 192.168.136.132:53;

}

server {

listen 12345;

proxy_pass stream_backend;

proxy_timeout 3s;

proxy_connect_timeout 1s;

}

server {

listen 53 udp;

proxy_pass dns_servers;

}

server {

listen 12346;

proxy_pass backend4.example.com:12346;

}

问题：websocket: the client is not using the websocket protocol: 'upgrade' token not found in 'Connection' head
#grafana反向代理遇到此问题
granfana 反向代理或负载平衡器未正确传递WebSocket请求时，就会出现此问题

1

2

3

问题：websocket: the client is not using the websocket protocol: 'upgrade' token not found in 'Connection' head

#grafana反向代理遇到此问题

granfana 反向代理或负载平衡器未正确传递WebSocket请求时，就会出现此问题

    server{
        listen  3000;
        server_name loki.xiaozikeji.cn;
        location / {
            proxy_pass http://192.168.0.210:3000;

            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "upgrade";
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_connect_timeout 60;
            proxy_read_timeout 600;
            proxy_send_timeout 600;
        }
    }

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

server{

listen 3000;

server_name loki.xiaozikeji.cn;

location / {

proxy_pass http://192.168.0.210:3000;

proxy_http_version 1.1;

proxy_set_header Upgrade $http_upgrade;

proxy_set_header Connection "upgrade";

proxy_set_header X-Real-IP $remote_addr;

proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

proxy_connect_timeout 60;

proxy_read_timeout 600;

proxy_send_timeout 600;

}

            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "upgrade";
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_connect_timeout 60;
            proxy_read_timeout 600;
            proxy_send_timeout 600;

1

2

3

4

5

6

7

8

proxy_http_version 1.1;

proxy_set_header Upgrade $http_upgrade;

proxy_set_header Connection "upgrade";

proxy_set_header X-Real-IP $remote_addr;

proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

proxy_connect_timeout 60;

proxy_read_timeout 600;

proxy_send_timeout 600;

#参考：https://blog.csdn.net/qq_32448349/article/details/100705987

1	#参考：https://blog.csdn.net/qq_32448349/article/details/100705987

stream {
        server_traffic_status_zone;
        upstream kube_apiserver {
            {{ $servers := split (getenv "CP_HOSTS") "," }}{{range $servers}}
            server {{.}}:BACKEND_PORT;
            {{end}}
            check interval=1000 rise=2 fall=3 timeout=2000 default_down=true type=tcp;
        }

        server {
          {{ $servers := split (getenv "HOST_PORT") "," }}{{range $servers}}
            listen        {{.}} so_keepalive=on;
            listen        [::]:{{.}} ipv6only=on so_keepalive=on;
            {{end}}
            proxy_socket_keepalive on;
            proxy_buffer_size 512k;
            proxy_pass    kube_apiserver;
            proxy_timeout 5m;
            proxy_connect_timeout 2s;

        }

}

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

stream {

server_traffic_status_zone;

upstream kube_apiserver {

server {{.}}:BACKEND_PORT;

check interval=1000 rise=2 fall=3 timeout=2000 default_down=true type=tcp;

}

server {

listen {{.}} so_keepalive=on;

listen [::]:{{.}} ipv6only=on so_keepalive=on;

proxy_socket_keepalive on;

proxy_buffer_size 512k;

proxy_pass kube_apiserver;

proxy_timeout 5m;

proxy_connect_timeout 2s;

}

您可能还会对这些文章感兴趣！